The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

mod_ruid + jailshell - how to enable

Discussion in 'General Discussion' started by postcd, Jul 16, 2014.

  1. postcd

    postcd Well-Known Member

    Joined:
    Oct 22, 2010
    Messages:
    621
    Likes Received:
    6
    Trophy Points:
    18
    Hello,

    please how can i enable mod_ruid and jailshell on my whm server?
    It is adviced by this post: https://forums.cpanel.net/f185/solutions-handling-symlink-attacks-202242-p23.html#post1397221
    and there too: http://www.sysadmindiaries.com/2013/07/how-to-prevent-cpanel-apache-symlink.html
    Currently i have suphp, suexec..

    In Home »Server Configuration »Tweak Settings, Security tab,
    i have "EXPERIMENTAL: Jail Apache Virtual Hosts using mod_ruid2 and cPanel® jailshell. [?]", but its grayed out, so i cant activate it..
     
    #1 postcd, Jul 16, 2014
    Last edited: Jul 16, 2014
  2. mywhm

    mywhm Active Member

    Joined:
    Jan 15, 2014
    Messages:
    27
    Likes Received:
    1
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    See Change Loog:

    http://documentation.cpanel.net/display/EA/EasyApache+Change+Log


    Mod Ruid2
    Apache 2.2
    PHP 5.4


    This profile includes the modules from the Basic profile. This configuration utilizes Mod Ruid2 to improve the security of your server. We recommend that you select this profile if you use either the CGI, DSO, or the suPHP PHP handler.

    *****
    Implemented case 107165: Remove experimental tag from PHP 5.5 and ModRuid2

    Today. ModRuid2 is not experimental.

    Update cpanel and the ultimate version.
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,723
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    You must first compile Mod_Ruid2 via EasyApache. Then, you will see it available in:

    "WHM Home » Service Configuration » Configure PHP and suEXEC"

    The option you referenced will not be greyed out after you enable Mod_Ruid2.

    Thank you.
     
  4. postcd

    postcd Well-Known Member

    Joined:
    Oct 22, 2010
    Messages:
    621
    Likes Received:
    6
    Trophy Points:
    18
    In EasyApache, net to mod ruid2 it says that there will be disabled following packages (amongst others):
    Disables:
    Cache
    Disk Cache
    Mod FastCGI v2.3.9
    MemCache

    So i want to ask which alternative caching things i can use for the best server performance? (running wordpress blogs, joomla and more) thx

    // when i added mod ruid2 and compiled easyapache, then modruid was enabled and i seen 403 forbidde errors on all websites. when i disabled mod ruid in Server settings / tweak settings / security and restarted apache, it started working again. the httpd error log file contained things like:
    Code:
    (13)Permission denied: ... .htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
    SecurityException in Application.cpp:186: Do not have root privileges. Executable not set-uid root?
    [error] mod_ruid2 domain.com GET /feed.php?f=143 HTTP/1.1 chdir to /home/virtfs/fmyusername failed
    :-/
     
    #4 postcd, Aug 1, 2014
    Last edited: Aug 1, 2014
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,723
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Please ensure you open separate threads for each individual issue (e.g. best cache options). As far as this error:

    Check that .htaccess file to determine what it's permission and ownership values are.

    Thank you.
     
Loading...

Share This Page